Adobe fixes two Flash Player vulnerabilities

By
Follow google news

Adobe is encouraging users of Flash Player to upgrade to the latest version to avoid falling victim to two vulnerabilities that could allow attackers to take complete system control.

Adobe fixes two Flash Player vulnerabilities
Rated "highly critical" by vulnerability tracking firm Secunia, the flaws can be corrected by upgrading to version 9.0.47.0, according to an Adobe security bulletin issued Tuesday.

One of the bugs is an input validation error that can be exploited to execute arbitrary code if a user clicks on an untrusted link and visits a malicious website, according to Adobe and Secunia advisories.

The other vulnerability can lead to a cross-site request forgery attack, which dupes a trusted user into loading a page containing a malicious request.

In this case, a bug in the Flash Player causes the HTTP referrer to be insufficiently validated.

According to Adobe, users unable to upgrade to Flash Player version 9 can continue to use a patched version of Flash Player 7.

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
adobefixesflashplayersecuritytwovulnerabilities

Sponsored Whitepapers

1 in 3 companies lose SaaS data. Here’s how to prevent it
1 in 3 companies lose SaaS data. Here’s how to prevent it
The biggest AI opportunities are still ahead
The biggest AI opportunities are still ahead
AI workflows vs. AI agents: From automation to autonomy
AI workflows vs. AI agents: From automation to autonomy
Context engineering with hybrid search for agentic AI
Context engineering with hybrid search for agentic AI
Building search in the age of generative AI: A blueprint for success
Building search in the age of generative AI: A blueprint for success

Events

Most Read Articles

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
Medibank reveals attack vector and cost of 2022 security breach

Medibank reveals attack vector and cost of 2022 security breach
USB stick opens Windows BitLocker drives in new zero-day

USB stick opens Windows BitLocker drives in new zero-day
GitHub compromised, allegedly by TeamPCP

GitHub compromised, allegedly by TeamPCP
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?